iPhone SMS vulnerability discovered

Do you remember Charlie Miller, the guy who broke into a fully patched MacBook using a Safari code execution vulnerability? Well, he has discovered a new vulnerability, which he announced at the SyScan conference in Singapore.

This vulnerability could allow an attacker to remotely install and run unsigned software code with root access to the phone. Miller declared that “the SMS vulnerability allows an attacker to run software code on the phone that is sent by SMS over a mobile operator’s network. The malicious code could include commands to monitor the location of the phone using GPS technology, turn on the phone’s microphone to eavesdrop on conversations, or make the phone join a distributed denial-of-service attack or a botnet”.

The good news is that iPhone OS 3.0 presents fewer options for attackers because it doesn’t have certain applications and features. “The iPhone also requires applications to run in a sandbox, a security feature that isolates them from other applications and limits their access to the phone’s capabilities. But SMS offers a way for attackers to get greater access to the iPhone’s capabilities”. Another good thing is that Apple designed iPhone OS to accept only digitally signed code.

Yesterday Apple announced the availability of the beta version of the SDK for iPhone OS 3.1. This vulnerability will surely be patched in version 3.1 of iPhone OS.
